I'm the Blue Security Spammer

An anonymous spammer took credit on Friday for taking part in a campaign by hundreds of junk e-mailers to disable the websites of antispam firm Blue Security and affiliated internet companies.

In a message to Wired News, a writer claiming to be "one of the spammers behind (the) Blue Security scandal," said junk e-mailers have organized to collect all e-mail addresses of Blue Security's users. The writer claimed that spammers have collected e-mails of 70 percent to 90 percent of Blue Security's half-million registered users and sent messages to their inboxes.

"Blue Security is indeed hurting our business, but not by taking down our websites," the purported spammer wrote. "Instead, they create a daily nuisance to our server administrators."

Officials at Blue Security, based in Herzlia, Israel, could not be reached Friday to comment on the letter's authenticity. A representative of Blue Security's public relations firm, Affect Strategies in New York, said she and co-workers who use its software have not received similar messages.

Earlier this week, Blue Security's CEO, Eran Reshef, said a Russian spammer operating under the name PharmaMaster orchestrated a string of attacks this week that disabled its site and sent threatening messages to its users.

The spammer, Blue Security said, also took credit for launching denial of service attacks against five hosting providers and Six Apart, one of the internet's largest blog networks, where the antispam firm had posted content.

Blue Security appears to have drawn spammers' ire for its method of eliminating junk e-mail, which involves sending automated opt-out requests on behalf of its registered users to companies whose products are advertised by spammers, among other things. The company claims its methods comply with the U.S. CAN-SPAM Act, an antispam law that allows recipients of unwanted e-mail to opt out of e-mail lists. Only one opt-out request is allowed per spam received. But Blue Security effectively has been able to put the squeeze on spammers by coordinating legal opt-out requests from thousands of customers at once.

In the message to Wired News, the self-described Russian spammer said "attacks" sent by computers running Blue Frog, the tool installed on users' computers to send automated opt-out requests, are easy to handle, but time consuming.

"The point of it is to get Blue Frog software to stop turning its subscribers' computers into zombies that attack our servers," the spammer wrote. "If you want to be removed from our mailing list, please opt out first."

John Levine, a board member of the Coalition Against Unsolicited Commercial Email, said that while it's not clear the letter's author is who they claim to be, a spammer could realistically gather Blue Security's users' e-mail addresses.

"The problem with any antispam list is you can reverse engineer it," Levine said. "People can find out who's on the list."

Blue Security's website was operating normally on Friday, after being inaccessible most of the week. Reshef said on Thursday the attack appeared to involve a breach of the internet's backbone that blocked incoming traffic to the site.

However Todd Underwood, chief operations and security officer at internet routing analysis firm Renesys, said the site's inaccessibility seemed to result from a traditional denial of service attack, in which an attacker floods a target with incoming packets of data.

In response to DoS attacks, ISPs commonly block all incoming traffic to a site, but they usually notify its operators first, he said.